Sat.Mar 23, 2024

article thumbnail

DroneXtract: A digital forensics suite for DJI drones

Penetration Testing

DroneXtract DroneXtract is a comprehensive digital forensics suite for DJI drones made with Golang. It can be used to analyze drone sensor values and telemetry data, visualize drone flight maps, audit for criminal activity,... The post DroneXtract: A digital forensics suite for DJI drones appeared first on Penetration Testing.

article thumbnail

Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites

Security Affairs

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. The experts discovered that threat actors compromised the websites implanting malicious JavaScript injections that redirect visitors to malicious websites.

Malware 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

toolkit: The essential toolkit for reversing, malware analysis, and cracking

Penetration Testing

Indetectables Toolkit This tool compilation is carefully crafted to be useful both for beginners and veterans of the malware analysis world. It has also proven useful for people trying their luck at the cracking... The post toolkit: The essential toolkit for reversing, malware analysis, and cracking appeared first on Penetration Testing.

article thumbnail

German Police Seize 'Nemesis Market' in Major International Darknet Raid

The Hacker News

German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services.

Marketing 144
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

China-Backed Hackers Escalate Cyber Campaigns, Targeting Operational Technology

Penetration Testing

A comprehensive report from ReliaQuest Threat Research reveals a concerning trend in China-linked cyberattacks: a sustained focus on compromising Operational Technology (OT) environments within critical infrastructure sectors. These attacks indicate a shift beyond conventional... The post China-Backed Hackers Escalate Cyber Campaigns, Targeting Operational Technology appeared first on Penetration Testing.

article thumbnail

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks

The Hacker News

The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, and Europe.

Malware 141

More Trending

article thumbnail

Microsoft to shut down 50 cloud services for Russian businesses

Bleeping Computer

Microsoft plans to limit access to over fifty cloud products for Russian organizations by the end of March as part of the sanctions requirements against the country issued by EU regulators last December. [.

129
129
article thumbnail

USENIX Security ’23 – Yijie Bai, Yanjiao Chen, Hanlei Zhang, Wenyuan Xu, Haiqin Weng, Dou Goodman – VILLAIN: Backdoor Attacks Against Vertical Split Learning

Security Boulevard

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. Permalink The post USENIX Security ’23 – Yijie Bai, Yanjiao Chen, Hanlei Zhang, Wenyuan Xu, Haiqin Weng, Dou Goodman – VILLAIN: Backdoor Attacks Against Vertical Split Learning appeared first on Security Boulevard.

64
article thumbnail

Opera sees big jump in EU users on iOS, Android after DMA update

Bleeping Computer

Opera has reported a substantial 164% increase in new European Union users on iOS devices after Apple introduced a new feature to comply with the EU's Digital Markets Act (DMA). [.

article thumbnail

Apple Chip Flaw Leaks Secret Encryption Keys

WIRED Threat Level

Plus: The Biden administration warns of nationwide attacks on US water systems, a new Russian wiper malware emerges, and China-linked hackers wage a global attack spree.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Russia-linked APT29 targeted German political parties with WINELOADER backdoor

Security Affairs

Russia-linked threat actors employ the WINELOADER backdoor in recent attacks targeting German political parties. In late February, Mandiant researchers spotted the Russia-linked group APT29 using a new variant of the WINELOADER backdoor to target German political parties with a CDU-themed lure. This is the first time Mandiant observed the APT29 subcluster targeting political parties, suggesting an emerging interest beyond the typical targeting of diplomatic missions.

Phishing 140